Policy

A Triumph for Patent Trolls, a Defeat for Computer Security

The two policy subjects most likely to raise the hackles of your average techie around the Thanksgiving table this year: the patent system and the importance of effective cryptography. Now a court case in Texas has managed to roll the two esoteric topics together in the most aggravating way possible.

A jury ruled Monday against Newegg, an e-commerce company defending itself in a lawsuit brought by a patent-assertion entity (or, if you prefer, a troll). The verdict awards the plaintiff, TQP Development, $2.3 million for patent infringements in the online retailer’s security system.

TQP is exactly the kind of company that policymakers have been trying to squelch. The lawsuit against Newegg is notable for several reasons, not least that the suit made it to a jury trial in the first place. Most companies established for the sole purpose of asserting patent rights are looking for settlements, and TQP itself has gotten many of its targets to settle.

The threat of an expensive trial is sometimes just a way to extract such deals. Some companies have found that showing a willingness to go to trial has actually been an effective negotiating tactic. But Newegg wanted to take a stand, and it seems to have come at a cost. The online retailer told Ars Technica that it would appeal, but it has not responded to a request from Bloomberg Businessweek for further comment.

The assertion that TQP’s patent should cover Newegg’s security techniques was challenged by Ron Rivest and Whitfield Diffie, cryptographers who invented some of the underlying technologies. But this was apparently not enough to persuade the jury. James Denaro, the founder of Cipher Law, says that he has already been having discussions with anxious clients about whether their own security systems could be subject to similar litigation. “The message is clear. The technologies you are using to secure your corner of the Internet may be covered by a patent, and that may be asserted against you,” he says.

The result is particularly galling because it comes at a time when technologists are particularly focused on the importance of powerful cryptographic techniques, thanks to the National Security Agency and revelations from its former contractor Edward Snowden. There hasn’t been more interest in cryptographic innovations in the recent past. Still, the direct implications of this case are somewhat limited. TQL’s patent expired last year, and while the company can still demand licensing fees from companies it claims have used its techniques in the past, such threats will become progressively less scary.

This is the usual pattern for companies that make a living from patent lawsuits, says Julie Samuels, a senior staff attorney at the Electronic Frontier Foundation. “The data show that most patents that end up in the hands of patent trolls are used aggressively in the last four to five years of their life,” she says. “The patent has stopped being valuable to protect any real technology, so they’re trying to milk any last value out of it.”